Php prevents counterfeit data from being submitted from the address bar URL.

Php prevents counterfeit data from being submitted from the address bar URL. Php prevents counterfeit data from being submitted from the address bar URL. when the forged url is submitted from the URL, it first checks the source code of the previous page as follows: * PHP prevents unauthorized access to php from forging the data submitted from the address bar URL and forging the url

The following code first checks the source of the previous page for the submission of forged data from a URL:

<? /* PHP method to prevent data from being submitted outside the site */function CheckURL () {$ servername = $ _ SERVER ['server _ name']; $ sub_from = $ _ SERVER ["HTTP_REFERER"]; $ sub_len = strlen ($ servername); $ checkfrom = substr ($ sub_from, 7, $ sub_len); if ($ checkfrom! = $ Servername) die ("Warning! You are submitting data from outside! Please terminate now! ") ;}?>

This method can only prevent the URL entered manually in the browser address bar.

In fact, as long as a hyperlink (www.jb51.net) is constructed on the server to point to the URL, such as adding a hyperlink to the post and then clicking it, this Check will not work at all.
Currently, it is relatively reliable to transmit important data using the POST method.
You can insert some hidden text into the form to transfer data.
Alternatively, use Ajax to submit data to the server from the client.

/* Create an XHR object */function createXHR () {if (window. XMLHttpRequest) {var oHttp = new XMLHttpRequest (); return oHttp;} else if (window. activeXObject) {var versions = ["MSXML2.XmlHttp. 6.0 "," MSXML2.XmlHttp. 3.0 "]; for (var I = 0; I <versions. length; I ++) {try {var oHttp = new ActiveXObject (versions [I]); return oHttp;} catch (error) {}}} throw new Error ("Your browser does not support AJAX! ");}/* Use AJAX to pass data to the page */function ajaxPost (url, query_string ='') {var xhr; xhr = createXHR (); xhr. open ('post', url, false); xhr. setRequestHeader ("Content-Type", "application/x-www-form-urlencoded; charset = gb2312"); xhr. onreadystatechange = function () {if (xhr. readyState = 4) if (xhr. status! = 200) return;} xhr. send (query_string );}

PHP code prevents external websites from submitting forms to this site

Try to add a verification code

Php methods to prevent direct website submission outside the site

Add a variable to the first page and then judge the variable to determine whether access is prohibited.
Index. php
$ I = $ _ GET ['I'];
$ Servername = $ HTTP_SERVER_VARS ['server _ name'];
$ Sub_from = $ HTTP_SERVER_VARS ["HTTP_REFERER"];
$ Sub_len = strlen ($ servername );
$ Checkfrom = substr ($ sub_from, 10, $ sub_len );
If ($ checkfrom! = $ Servername and! $ I ){
Echo ("script" alert ('Please do not submit data from outside! '); Window. location. href = 'login. php'; </script> ");
Exit;
}
?>

P. php
Script window. setTimeout ("location = 'index. php? I = 1' ", 20000) </script>

The problem is solved, but it is not very good. Haha
This is also an idea. I personally dislike the variable behind the url. it is also possible to change it to a hidden form POST .. However, JavaScript cannot be automatically redirected.

When commit commits forged data from a URL, it first checks the source code of the previous page:/* PHP prevents out-of-site extraction...